From a1164dbe9ef45dc2135fd34bd9ad544c8b38a8c6 Mon Sep 17 00:00:00 2001
From: JRodriguez556 <37945660+JRodriguez556@users.noreply.github.com>
Date: Mon, 5 Oct 2020 11:57:17 -0400
Subject: [PATCH] Update php_fpm_rce.rb

URI.encode/URI.escape is obsolete. Replaced with CGI.escape.
---
 modules/exploits/multi/http/php_fpm_rce.rb | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/modules/exploits/multi/http/php_fpm_rce.rb b/modules/exploits/multi/http/php_fpm_rce.rb
index ff20c3e507..aeff464f59 100644
--- a/modules/exploits/multi/http/php_fpm_rce.rb
+++ b/modules/exploits/multi/http/php_fpm_rce.rb
@@ -126,8 +126,8 @@ class MetasploitModule < Msf::Exploit::Remote
   end
 
   def send_crafted_request(path:, qsl: datastore['MinQSL'], customh_length: 1, cmd: '', allow_retry: true)
-    uri = URI.encode(normalize_uri(target_uri.path, path)).gsub(/([?&])/, {'?'=>'%3F', '&'=>'%26'})
-    qsl_delta = uri.length - path.length - URI.encode(target_uri.path).length
+    uri = CGI.escape(normalize_uri(target_uri.path, path)).gsub(/([?&])/, {'?'=>'%3F', '&'=>'%26'})
+    qsl_delta = uri.length - path.length - CGI.escape(target_uri.path).length
     if qsl_delta.odd?
       fail_with Failure::Unknown, "Got odd qslDelta, that means the URL encoding gone wrong: path=#{path}, qsl_delta=#{qsl_delta}"
     end